CVE-2017-6087

HIGH

EyesOfNetwork eonweb < 5.0-0 - Authenticated OS Command Injection via selected_events[] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-6087. PoCs published by Sysdream.

AI-analyzed exploit summary The exploit demonstrates authenticated remote code execution in EyesOfNetwork (EON) 5.0 via command injection in the `selected_events` and `module` parameters, leveraging unsanitized input passed to `shell_exec()` and `exec()` functions.

Description

EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.php or the (4) module parameter to module/index.php.

Exploits (1)

exploitdb WORKING POC

by Sysdream · webappsphp

https://www.exploit-db.com/exploits/41746

View Code ZIP pw:eip

The exploit demonstrates authenticated remote code execution in EyesOfNetwork (EON) 5.0 via command injection in the `selected_events` and `module` parameters, leveraging unsanitized input passed to `shell_exec()` and `exec()` functions.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: EyesOfNetwork (EON) <= 5.0

Auth required

Prerequisites: Authenticated access to EON web interface · Network connectivity to target

MITRE ATT&CK